VYPR

MetaDefender Kiosk

by OPSWAT

CVEs (4)

  • CVE-2024-52925MedFeb 26, 2025
    risk 0.44cvss 6.8epss 0.00

    In OPSWAT MetaDefender Kiosk before 4.7.0, arbitrary code execution can be performed by an attacker via the MD Kiosk Unlock Device feature for software encrypted USB drives.

  • CVE-2023-36659Sep 15, 2023
    risk 0.00cvss epss 0.01

    An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Long inputs were not properly processed, which allows remote attackers to cause a denial of service (loss of communication).

  • CVE-2023-36658Sep 15, 2023
    risk 0.00cvss epss 0.00

    An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. It has an unquoted service path that can be abused locally.

  • CVE-2023-36657Sep 15, 2023
    risk 0.00cvss epss 0.01

    An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Built-in features of Windows (desktop shortcuts, narrator) can be abused for privilege escalation.